test/stdout/5881

   1 ### A server with a nonverifying cert and no TLSA
   2 ### A server with a verifying cert and no TLSA
   3 ### A server with two MXs for which both TLSA lookups return defer (delivery should defer)
   4 ### A server lacking a TLSA, dane required (should fail; should get an event)
   5 ### A server lacking a TLSA, dane requested only (should deliver, non-DANE, as the NXDOMAIN is not DNSSEC)
   6 ### A server where the A is dnssec and the TLSA lookup _fails_ (delivery should defer)
   7 ### A server securely saying "no TLSA records here", dane required (delivery should fail)
   8 ### A server securely saying "no TLSA records here", dane requested only (should deliver)
   9 ### A server securely serving a wrong TLSA record, dane requested only (delivery should fail)
  10 ### A server insecurely serving a good TLSA record, dane requested only (should deliver, non-DANE)
  11 ### A server insecurely serving a good TLSA record, dane required (delivery should fail)
  12 ### A server insecurely serving a good A record, dane requested only (should deliver, non-DANE)
  13 ### A server insecurely serving a good A record, dane required (delivery should fail)
  14 ### A server with a name not matching the cert.  TA-mode; should fail
  15 ### A server with a name not matching the cert.  EE-mode; should deliver and claim DANE mode
  16
  17 ******** SERVER ********
  18 ### A server with a nonverifying cert and no TLSA
  19 ### A server with a verifying cert and no TLSA
  20 ### A server with two MXs for which both TLSA lookups return defer (delivery should defer)
  21 ### A server lacking a TLSA, dane required (should fail; should get an event)
  22 ### A server lacking a TLSA, dane requested only (should deliver, non-DANE, as the NXDOMAIN is not DNSSEC)
  23 ### A server where the A is dnssec and the TLSA lookup _fails_ (delivery should defer)
  24 ### A server securely saying "no TLSA records here", dane required (delivery should fail)
  25 ### A server securely saying "no TLSA records here", dane requested only (should deliver)
  26 ### A server securely serving a wrong TLSA record, dane requested only (delivery should fail)
  27 ### A server insecurely serving a good TLSA record, dane requested only (should deliver, non-DANE)
  28 ### A server insecurely serving a good TLSA record, dane required (delivery should fail)
  29 ### A server insecurely serving a good A record, dane requested only (should deliver, non-DANE)
  30 ### A server insecurely serving a good A record, dane required (delivery should fail)
  31 ### A server with a name not matching the cert.  TA-mode; should fail
  32 ### A server with a name not matching the cert.  EE-mode; should deliver and claim DANE mode